Recent world events and increasing global competition have accelerated efforts to merge physical and logical security systems, particularly for large commercial, industrial and governmental enterprises. However, these merger efforts have been significantly hampered by the large installed base of proprietary physical security systems. These priority physical security systems often utilize proprietary networking architectures, communications protocols, databases and file systems which are difficult to integrate into modern networking security systems. An example of a proprietary security system is described in U.S. Pat. No. 5,682,142 to Loosmore, et al. The Loosmore reference discloses an integrated security system which is intended to be operated as a separate standalone security system.
Incompatibilities between the physical and logical security systems frequently lead to serious deficiencies for either or both the physical and logical security systems. In a recently cited example, a human resources database indicated that an employee had been terminated, but the former employee's e-mail and network access still had the former employee shown as active, which would have allowed the former employee logical access to corporate resources. This example is described by D. Smith, in the journal esecure, Sep. 2002; (22) which is herein incorporated by reference. While this example is more illustrative of logical incompatibilities between different organizational databases, it is not difficult for one to imagine a similar situation where a physical access card is retained in an active status due to incompatibilities between physical and logical security systems. This concern is particularly important in sensitive facilities such as airports where a lost, stolen or improperly managed physical access card could allow the hijacking of an aircraft.
Another impediment to the merger of physical and logical security systems is the lack of formal standards developed specifically for physical security systems.
De facto standards are being promulgated by IT professionals who advocate the use of open computer system architectures, standardized networking protocols and standardized database arrangements such as ODBC. An example of an integrated physical and logical security system is described in U.S. Pat. No. 6,233,588 to Marchoili, et al. The Marchoili reference addresses the lack of standardization in centralized physical and logical security systems computing capabilities but does not address the lack of standardization of security controllers which must interact with the security systems.
The lack of standardization in security controllers is still an important impediment to the merger of physical and logical security systems as many security clients still lack standard network interface capabilities. For example, HID Corporation offers an advanced contactless smart card driven door controller MIFARE® (6055B). The advanced implementation of a contactless smart card provides a convenient and secure medium for use with both physical and logical security systems. However, a major drawback of this security controller is the lack of a standard network interface. Instead, the controller is provided with an RS-232C interface for local connection with a standard personal computer system using. (See HID MIFARE® (6055B) Reference Sheet, MRG-EN-US, Rev. 10-02 which is herein incorporated by reference.)
The RS-232C interface is used to locally load or update a memory cache associated with the security controller with authorized smart card codes using proprietary software and communication protocols running on a personal computer. This arrangement limits scalability, requires that remote security controllers be managed individually and prevents dynamic and centralized changes to be made to authorized smart card codes.
Other security controller vendors do offer standard network interface capabilities but usually incorporate weak static passwords and/or proprietary authentication coding which is less than ideal, particularly in evolving wireless security controller implementations where communications with a centralized security system may be more easily intercepted. In many cases, the security controllers are usually routed to a centralized control panel using a serial link which is then connected to a standard network.
As such, an ideal security controller would include standard network interface capabilities, ensure secure communications with an integrated security system even over wireless telecommunications links, take advantage of the convenience and security offered by smart cards and seamlessly integrate with current generation logical security systems.